Hinweis
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, sich anzumelden oder das Verzeichnis zu wechseln.
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, das Verzeichnis zu wechseln.
Software Security . . . and stuff.
More FireFox 3.0 entertainment (Fail Open Goat Award)
It's nice to see that the security researchers are taking notice of FireFox's increased share of the...
Author: rhensing Date: 06/18/2008
USA Today writes an article about FF 3.0 - hilarity ensues . . .
https://www.usatoday.com/tech/news/computersecurity/2008-06-17-mozilla-window-snyder_N.htm Boy why...
Author: rhensing Date: 06/18/2008
Our comically un-creative product naming continues . . .
"Windows Embedded NavReady 2009"!?! Really people? I think we totally missed an opportunity to add a...
Author: rhensing Date: 06/17/2008
Freeware un-delete software pwns fancy schmancy 1024 bit encrypting malware?
Seems the miscreants behind the GPCode.ak (<-- picture of message user sees, poor English wording...
Author: rhensing Date: 06/16/2008
Security Bonuses for Vista programmers
Larry Seltzer is IMHO one of the few technology journalists who has actually written code - and thus...
Author: rhensing Date: 06/16/2008
Mama always had a way of explainin' things so I could understand . . .
I give you "Pointer fun with Binky" https://www.youtube.com/watch?v=6pmWojisM_E
Author: rhensing Date: 06/16/2008
Client side cross domain security whitepaper
Boy there's a mouth full . . . I think my head will hurt after reading this - but I will read it...
Author: rhensing Date: 06/11/2008
ISV best practices, Corrupted Heap Termination, the pursuit of (security) happiness . . .
MikeHow just wrote a brief write-up of some of the things our new heap manager on Vista is capable...
Author: rhensing Date: 06/11/2008
IE vs. Firephox? Don't count out Opera . . .
Now with Haute Secure technology:...
Author: rhensing Date: 06/06/2008
A new way to get your favorite tools
On XP or Vista from any network with HTTP outbound access go to start->run and paste this in:...
Author: rhensing Date: 06/05/2008
Windows Desktop Search: Now with less suck!
Anyone with any amount of technical clue who has used Vista has invariably figured out that the...
Author: rhensing Date: 06/05/2008
Adobe PDF exploit generator and targeted attack info
This has to be one of the funniest / saddest things I've read all year . . ....
Author: rhensing Date: 06/03/2008
Static analysis paper
My friend Chris wrote an interesting paper on inferring things from static analysis based on the...
Author: rhensing Date: 06/02/2008
Adobe (non)0-day
Nice blog from Adobe laying some authoritative smack down:...
Author: rhensing Date: 05/30/2008
Dear China, I can haz power now plz? okthxbai
Interesting read: https://www.nationaljournal.com/njmagazine/cs_20080531_6948.php Some interesting...
Author: rhensing Date: 05/29/2008
SensePost blog on arbitrary file downloads in a Juniper AX
Fascinating blog over @ SensePost about a Juniper AX control that allowed arbitrary file downloads...
Author: rhensing Date: 05/23/2008
Safari "carpet bombing" Fail Open Goat Award
So last week Nitesh and Billy Rios found a vuln in Safari that lets a remote attacker / malicious...
Author: rhensing Date: 05/22/2008
Live.com video search!
Whoa - check this out: https://search.live.com/video/results.aspx?q=ferrari&form=QBVR Use...
Author: rhensing Date: 05/21/2008
Gmail - Fail Open Goat Award
Gmail is this month's winner of the Fail Open Goat Award:...
Author: rhensing Date: 05/12/2008
Security news feed
Here's a great RSS feed to subscribe to if you're into getting interesting securtiy news:...
Author: rhensing Date: 05/06/2008
Mah Bluehat blogz - let me show you them!
My somewhat random thoughts on the battle for your PC and how it may play out in the coming year . ....
Author: rhensing Date: 04/30/2008
PayPal throws down . . .
This is VERY interesting and I wonder what sort of time frame they plan on doing this in - because...
Author: rhensing Date: 04/18/2008
Flash NULL pointer + offset code execution . . .
I tend to agree - Mark Dowd is clearly not human:...
Author: rhensing Date: 04/15/2008
Hyper-V
So Brandon Baker is a senior guy on the Hyper-V team. I just came across this blog post of his:...
Author: rhensing Date: 04/14/2008
Espionage using Office documents in the news
First a Wired article: https://www.wired.com/politics/security/news/2008/04/chinese_hackers Next a...
Author: rhensing Date: 04/11/2008
IE8 - DEP enabled by default?
W00t!!! So I guess this is public now:...
Author: rhensing Date: 04/10/2008
I feel dirty . . .
So I've been running WS2008 for a while now. I've got a nice beefy machine that I do all my repro...
Author: rhensing Date: 04/09/2008
Get Kraken!
So much ado is being made about Kraken in the press with people speculating this bot is bigger than...
Author: rhensing Date: 04/07/2008
Apple opting into /GS, DEP and ASLR?
Somebody pinch me . . . I must be dreaming:...
Author: rhensing Date: 04/07/2008
Yet another product with 360 in the name . . .
Ferrari F360 :)Xbox 360Anderson Cooper 360Symantec Norton 360Nordick Track 360Fortify 360?...
Author: rhensing Date: 04/02/2008
On Vista, OSX and security researchers
So I made an interesting observation at Cansec last week. By day 3 I realized that I was the sole...
Author: rhensing Date: 04/01/2008
CanSecWest Day 3 - PWN2OWN update - Vista pwnd
EDIT: So during my presentation today (the 2nd to last one of the day) I guess Shane ended up pwning...
Author: rhensing Date: 03/28/2008
And the Mac falls within 10 minutes on day 2.
So Dragos just announced before lunch that within 10 minutes of opening Day 2 of the pwn2own contest...
Author: rhensing Date: 03/27/2008
CanSecWest - Day 2 Part 1
This morning we started off with a talk on Mobitex from a Toolcrypt guy (OlleB). Olle was a very...
Author: rhensing Date: 03/27/2008
Well done Apple - Safari 0wns!
Not only did it take less than a week (as it did with the beta release) to find critical vulns in...
Author: rhensing Date: 03/27/2008